Apple released security patches for CVE-2025-43300, an actively exploited zero-day vulnerability in their OS frameworks, to prevent memory corruption from malicious images. These updates are critical for targeted individuals as attackers have exploited this flaw in sophisticated campaigns. #CVE-2025-43300 #ImageIO
Keypoints
- Apple patched CVE-2025-43300 in iOS, iPadOS, and macOS to address memory corruption issues.
- The vulnerability resided in the ImageIO framework and was exploited via malicious images.
- Updates were released for multiple device models, including iPhone, iPad, and Mac systems.
- Attacks exploiting this flaw have targeted fewer than 200 individuals in spyware campaigns.
- Apple did not disclose technical details about the exploitation techniques used in these attacks.